CVE-2020-36785

Published: Feb 28, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs() The "s3a_buf" is freed along with all the other items on the "asd->s3a_stats" list. It leads to a double free and a use after free.

Vendor	Product	Versions
Linux	Linux	affected `ad85094b293e40e7a2f831b0311a389d952ebd5e - < d218c7a0284f6b92a7b82d2e19706e18663b4193` affected `ad85094b293e40e7a2f831b0311a389d952ebd5e - < 801c1d505894008c888bc71d08d5cff5d87f8aba` affected `ad85094b293e40e7a2f831b0311a389d952ebd5e - < 8267ccd7b9df7ab682043507dd682fe0621cf045` affected `ad85094b293e40e7a2f831b0311a389d952ebd5e - < ba11bbf303fafb33989e95473e409f6ab412b18d`
Linux	Linux	affected `5.8` unaffected `0 - < 5.8` unaffected `5.10.37 - <= 5.10.` unaffected `5.11.21 - <= 5.11.` unaffected `5.12.4 - <= 5.12.*` +1 more versions

References

https://git.kernel.org/stable/c/d218c7a0284f6b92a7b82d2e19706e18663b4193

https://git.kernel.org/stable/c/801c1d505894008c888bc71d08d5cff5d87f8aba

https://git.kernel.org/stable/c/8267ccd7b9df7ab682043507dd682fe0621cf045

https://git.kernel.org/stable/c/ba11bbf303fafb33989e95473e409f6ab412b18d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-36785

Description

Affected Products

References